Hi Jerry,
Please see below.
The supplementary groups are determined by mapping the Windows group
to a gid. I'm having to remember what we already convered so apoligies
fotr asking again. Are you running winbindd? or just manually
mapping groups to SIDs ? Seems to be the former.
Winbind is running, yes.
I see. But it appears to me (correct me if I'm wrong) that
if a local Unix group is mapped with "net sam mapunixgroup", then
it becomes a local nested group and Samba could use
it in "valid users" - but apparently it doesn't, which confuses me.
No. The nested group functionality is only served by Winbind.
I guess my question now boils down to the following: when I access a share
as domain user DOMAIN\lz, is there a way to apply "valid users" check based
on the Unix group membership of the Unix user "lz". From what you are saying
I am getting the impression that the asnwer is no; is this really so?
Thanks,
Leonid
cheers, jerry
- --
=====================================================================
Samba ------- http://www.samba.org
Likewise Software --------- http://www.likewisesoftware.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIDKAIIR7qMdg1EfYRAk+fAJ4zn2iWrkmyVMcfXv9O09rRGWAzPgCcDkA8
E1O1kHw1lM1LDcE2xRcJfWY=
=ch5e
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
